diff --git a/apps/matrix/CLAUDE.md b/apps/matrix/CLAUDE.md index b84f56f87..562c074ea 100644 --- a/apps/matrix/CLAUDE.md +++ b/apps/matrix/CLAUDE.md @@ -2,6 +2,8 @@ Secure Matrix messaging client - a bridge to decentralized communication. +**Production URL:** https://link.mana.how + ## Project Overview Manalink is a privacy-focused Matrix client built with SvelteKit. It connects to Matrix homeservers (default: matrix.mana.how) and supports PWA installation for mobile devices. @@ -159,6 +161,15 @@ No environment variables required for basic usage. The client stores credentials The login page defaults to `matrix.mana.how` but any Matrix homeserver can be used. +### Test Account + +For testing the SSO login flow: +- **Email:** t@t.de +- **Password:** test1234 +- **Auth URL:** https://auth.mana.how +- **Matrix Homeserver:** matrix.mana.how +- **Web Client:** https://link.mana.how + ## Matrix SDK Notes ### Browser Polyfills @@ -205,6 +216,20 @@ if (browser) { ## Troubleshooting +### Can't see the login page / stuck on loading + +The app auto-logs in if credentials are stored in localStorage. To reset: + +1. **Browser console method:** + ```javascript + localStorage.removeItem('matrix_credentials'); + location.reload(); + ``` + +2. **Direct URL:** Navigate to `https://link.mana.how/login` directly + +3. **If logged in:** Use the logout button in settings or navigation + ### "super.off is not a function" This is a known issue with typed-event-emitter. Make sure polyfills are loaded before any matrix-js-sdk imports. diff --git a/apps/matrix/apps/web/src/lib/stores/navigation.ts b/apps/matrix/apps/web/src/lib/stores/navigation.svelte.ts similarity index 100% rename from apps/matrix/apps/web/src/lib/stores/navigation.ts rename to apps/matrix/apps/web/src/lib/stores/navigation.svelte.ts diff --git a/apps/matrix/apps/web/src/routes/(app)/+layout.svelte b/apps/matrix/apps/web/src/routes/(app)/+layout.svelte index 1a030f209..bcdd2d7af 100644 --- a/apps/matrix/apps/web/src/routes/(app)/+layout.svelte +++ b/apps/matrix/apps/web/src/routes/(app)/+layout.svelte @@ -16,7 +16,7 @@ import { isSidebarMode as sidebarModeStore, isNavCollapsed as collapsedStore, - } from '$lib/stores/navigation'; + } from '$lib/stores/navigation.svelte'; import { PillNavigation } from '@manacore/shared-ui'; import type { PillNavItem, PillDropdownItem } from '@manacore/shared-ui'; import { getPillAppItems } from '@manacore/shared-branding'; diff --git a/services/mana-core-auth/CLAUDE.md b/services/mana-core-auth/CLAUDE.md index d7d321613..2ba552729 100644 --- a/services/mana-core-auth/CLAUDE.md +++ b/services/mana-core-auth/CLAUDE.md @@ -172,7 +172,58 @@ For dynamic data (credits, org info), create API endpoints instead. 2. Check `auth.users` table exists 3. Check `auth.accounts` table for credential record -## Testing Auth Flow +## Cross-Domain SSO + +Session cookies are shared across all `*.mana.how` subdomains via `COOKIE_DOMAIN=.mana.how`. + +**How it works:** +1. User logs in on any app (e.g., `calendar.mana.how`) +2. Session cookie set with `Domain=.mana.how` +3. User navigates to another app (e.g., `todo.mana.how`) +4. Browser sends the same cookie → User is already authenticated + +**Configuration** (`better-auth.config.ts`): +```typescript +advanced: { + cookiePrefix: 'mana', + crossSubDomainCookies: { + enabled: !!process.env.COOKIE_DOMAIN, + domain: process.env.COOKIE_DOMAIN, // '.mana.how' in production + }, +} +``` + +**Environment Variable:** +- Production: `COOKIE_DOMAIN=.mana.how` +- Development: Leave empty (cookies domain-specific) + +## Test Credentials (Production) + +For automated testing against `auth.mana.how`: + +| Field | Value | +| -------- | -------------------------- | +| Email | `claude-test@mana.how` | +| Password | `ClaudeTest2024` | +| User ID | `kxMeQZSM1HhdiM1ed5EOQ9z0o0aCiXux` | + +**Usage:** +```bash +# Login (returns JWT tokens) +curl -X POST https://auth.mana.how/api/v1/auth/login \ + -H "Content-Type: application/json" \ + -d '{"email":"claude-test@mana.how","password":"ClaudeTest2024"}' + +# Login with cookies (Better Auth native - for SSO testing) +curl -c cookies.txt -X POST https://auth.mana.how/api/auth/sign-in/email \ + -H "Content-Type: application/json" \ + -d '{"email":"claude-test@mana.how","password":"ClaudeTest2024"}' + +# Verify cookie has Domain=.mana.how +cat cookies.txt | grep mana.how +``` + +## Testing Auth Flow (Local Development) ```bash # Register